CN113568785A - Block chain-based data backup method, device, equipment and storage medium - Google Patents
Block chain-based data backup method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN113568785A CN113568785A CN202111110619.4A CN202111110619A CN113568785A CN 113568785 A CN113568785 A CN 113568785A CN 202111110619 A CN202111110619 A CN 202111110619A CN 113568785 A CN113568785 A CN 113568785A
- Authority
- CN
- China
- Prior art keywords
- data
- original data
- original
- block
- integrity information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1448—Management of the data involved in backup or backup restore
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
- G06F11/1464—Management of the backup or restore process for networked environments
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/80—Database-specific techniques
Abstract
The invention discloses a data backup method, a device, equipment and a storage medium based on a block chain, wherein the method comprises the following steps: acquiring original data; processing the original data to acquire original integrity information; sending the original integrity information to a server so that the server stores the original integrity information in a blockchain network; encoding the original data to obtain an encoded block; and sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block. The method has the advantages that the coding blocks obtained by coding the original data are stored in the cloud storage platform, and the original integrity information of the original data is stored in the block chain network of the server, so that the storage overhead generated by cloud storage data backup is effectively reduced.
Description
Technical Field
The present invention relates to the field of block chain technologies, and in particular, to a data backup method, apparatus, device, and storage medium based on a block chain.
Background
At present, cloud computing and big data technology permeate society rapidly, more and more users choose to use a cloud storage platform to host a large amount of applications and data, as user services gradually go to the cloud, the data of the users also begin to depend on the cloud storage platform to the utmost extent, the prior art generally adopts a plurality of copies of a mechanism to carry out redundancy backup on the data, the plurality of copies of the data backup are stored on different storage nodes by the multi-copy mechanism, the mode brings about exponentially rising storage overhead for cloud storage, and serious waste of storage space is caused when the data amount reaches mass.
Therefore, the problem of space waste exists in the backup of cloud storage data in the prior art.
Disclosure of Invention
The invention mainly aims to provide a data backup method, a data backup device, data backup equipment and a storage medium based on a block chain, and aims to solve the technical problem that space is wasted in backup of cloud storage data in the prior art.
According to a first aspect of the present invention, there is provided a block chain based data backup method, comprising the steps of:
acquiring original data;
processing the original data to acquire original integrity information;
sending the original integrity information to a server so that the server stores the original integrity information in a blockchain network;
encoding the original data to obtain an encoded block;
and sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block.
Optionally, the step of processing the raw data to obtain raw integrity information includes:
calculating a universal unique identifier UUID of the original data to obtain a first calculation result, and determining the first calculation result as an original data ID;
calculating the length of the original data to obtain a second calculation result, and determining the second calculation result as the length of the original data;
calculating the original data through a Hash function to obtain a third calculation result, and determining the third calculation result as the Hash of the original data;
and acquiring the original integrity information based on the original data ID, the original data length and the original data Hash.
Optionally, before the step of processing the raw data to obtain the raw integrity information, the method further includes:
and sending a fourth request for acquiring a public and private key pair to the server.
Optionally, the public-private key pair comprises a public key and a private key;
the step of calculating the UUID of the universally unique identifier of the original data to obtain a first calculation result, and determining the first calculation result as the ID of the original data comprises the following steps:
and calculating the universal unique identifier UUID of the original data through the private key to obtain a first calculation result, and determining the first calculation result as the original data ID.
Optionally, the coding block comprises a data block and a redundant block;
the step of encoding the original data to obtain an encoded block includes:
judging whether the original data can be divided evenly;
if the original data can be divided evenly, dividing the original data evenly into data blocks;
and encoding the data block to obtain a data block and a redundant block.
Optionally, after the step of determining whether the raw data can be divided evenly, the method further includes:
and if the original data cannot be divided evenly, filling data at the tail end of the original data so as to enable the original data to be divided evenly.
According to a second aspect of the present invention, there is provided a block chain-based data backup apparatus, including:
the first acquisition module is used for acquiring original data;
the second acquisition module is used for processing the original data to acquire original integrity information;
the first sending module is used for sending the original integrity information to a server so that the server stores the original integrity information in a block chain network;
a third obtaining module, configured to code the original data to obtain a coding block;
and the second sending module is used for sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block.
Optionally, the apparatus further comprises:
a third sending module, configured to send a fourth request for obtaining a public and private key pair to the server
According to a third aspect of the present invention, there is provided a data backup apparatus based on a block chain, comprising: a memory, a processor, and a blockchain based data backup program stored in the memory and executable on the processor, the blockchain based data backup program implementing the steps described in any of the possible implementations of the implementation of the first aspect when executed by the processor.
According to a fourth aspect of the present invention, there is provided a storage medium having stored thereon a blockchain-based data backup program that, when executed by a processor, implements the various steps described in any one of the possible implementations of the first aspect.
The embodiment of the invention provides a data backup method, a device, equipment and a storage medium based on a block chain, wherein the method comprises the following steps: acquiring original data; processing the original data to acquire original integrity information; sending the original integrity information to a server so that the server stores the original integrity information in a blockchain network; encoding the original data to obtain an encoded block; and sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block. The method has the advantages that the coding blocks obtained by coding the original data are stored in the cloud storage platform, and the original integrity information of the original data is stored in the block chain network of the server, so that the storage overhead generated by cloud storage data backup is effectively reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a data backup device based on a blockchain in a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a block chain-based data backup method according to a first embodiment of the present invention;
FIG. 3 is a flowchart illustrating a first embodiment of a block chain-based data backup device according to the present invention;
FIG. 4 is a schematic diagram of a first embodiment of a scenario in which an embodiment of the invention is concerned;
fig. 5 is a schematic diagram of a second embodiment of a scenario according to an embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The main solution of the embodiment of the invention is as follows: acquiring original data; processing the original data to acquire original integrity information; sending the original integrity information to a server so that the server stores the original integrity information in a blockchain network; encoding the original data to obtain an encoded block; and sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block.
The problem of space waste exists in the backup of cloud storage data in the prior art.
The invention provides a solution, which effectively reduces the storage overhead generated by cloud storage data backup by storing the coding block obtained by encoding the original data into the cloud storage platform and storing the original integrity information of the original data into the block chain network of the server.
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Where "first" and "second" are used in the description and claims of embodiments of the invention to distinguish between similar elements and not necessarily for describing a particular sequential or chronological order, it is to be understood that such data may be interchanged where appropriate so that embodiments described herein may be implemented in other sequences than those illustrated or described herein.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a data backup device based on a block chain in a hardware operating environment according to an embodiment of the present invention;
in general, a blockchain-based data backup apparatus includes: at least one processor 1001, a memory 1002, and a blockchain based data backup program stored on the memory and executable on the processor, the blockchain based data backup program being configured to implement the steps of the blockchain based data backup method as described above.
In some embodiments, the terminal may further include: a communication interface 1003 and at least one peripheral device. The processor 1001, the memory 1002, and the communication interface 1003 may be connected by a bus or signal line. Various peripheral devices may be connected to communications interface 1003 via a bus, signal line, or circuit board. Specifically, the peripheral device includes: at least one of radio frequency circuitry 1004, a display screen 1005, and a power supply 1006.
The communication interface 1003 may be used to connect at least one peripheral device related to I/O (Input/Output) to the processor 1001 and the memory 1002. In some embodiments, processor 1001, memory 1002, and communication interface 1003 are integrated on the same chip or circuit board; in some other embodiments, any one or two of the processor 1001, the memory 1002 and the communication interface 1003 may be implemented on separate chips or circuit boards, which is not limited by the embodiment.
The Radio Frequency circuit 1004 is used for receiving and transmitting RF (Radio Frequency) signals, also called electromagnetic signals. The radio frequency circuitry 1004 communicates with communication networks and other communication devices via electromagnetic signals. The radio frequency circuit 1004 converts an electrical signal into an electromagnetic signal to transmit, or converts a received electromagnetic signal into an electrical signal. Optionally, the radio frequency circuit 1004 comprises: an antenna system, an RF transceiver, one or more amplifiers, a tuner, an oscillator, a digital signal processor, a codec chipset, a subscriber identity module card, and so forth. The radio frequency circuit 1004 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocols include, but are not limited to: metropolitan area networks, various generation mobile communication networks (2G, 3G, 4G, and 5G), Wireless local area networks, and/or WiFi (Wireless Fidelity) networks. In some embodiments, the rf circuit 1004 may further include NFC (Near Field Communication) related circuits, which are not limited in this application.
The display screen 1005 is used to display a UI (User Interface). The UI may include graphics, text, icons, video, and any combination thereof. When the display screen 1005 is a touch display screen, the display screen 1005 also has the ability to capture touch signals on or over the surface of the display screen 1005. The touch signal may be input to the processor 1001 as a control signal for processing. At this point, the display screen 1005 may also be used to provide virtual buttons and/or a virtual keyboard, also referred to as soft buttons and/or a soft keyboard. In some embodiments, the display screen 1005 may be one, the front panel of the electronic device; in other embodiments, the display screens 1005 may be at least two, respectively disposed on different surfaces of the electronic device or in a folded design; in some embodiments, the display screen 1005 may be a flexible display screen, disposed on a curved surface or on a folded surface of an electronic device. Even more, the display screen 1005 may be arranged in a non-rectangular irregular figure, i.e., a shaped screen. The Display screen 1005 may be made of LCD (liquid crystal Display), OLED (Organic Light-Emitting Diode), and the like.
The power supply 1006 is used to supply power to various components in the electronic device. The power supply 1006 may be ac, dc, disposable or rechargeable. When the power supply 1006 includes a rechargeable battery, the rechargeable battery may support wired or wireless charging. The rechargeable battery may also be used to support fast charge technology. Those skilled in the art will appreciate that the architecture shown in fig. 1 does not constitute a limitation of a blockchain based data backup appliance and may include more or fewer components than shown, or some components in combination, or a different arrangement of components.
Based on the above hardware structure, an embodiment of the data backup method based on the block chain is provided.
Referring to fig. 2, fig. 2 is a schematic flowchart of a first embodiment of a block chain-based data backup method according to the present invention, where the method includes the following steps:
s100, acquiring original data;
it should be noted that the execution subject of this embodiment is a user side, and the user side may be a terminal device with a communication function, for example: mobile phones, computers, tablets, etc. The raw data may be data that a user needs to store in the cloud storage platform, and specifically, the user side acquires the raw data through input of the user.
S300, processing the original data to acquire original integrity information;
it will be appreciated that the raw integrity information is generated from the raw data by processing and may be used to characterize the integrity of the raw data.
Further, before step S300, the method further includes:
s200, sending a fourth request for obtaining a public and private key pair to the server.
It should be noted that the user terminal interacts with the server through the network, and the server is one of the computers, and provides computing or application services for other terminal devices in the network. The server in this embodiment includes a blockchain network, and the server can provide blockchain services to the user terminal through the blockchain network.
In a specific implementation, a network interaction operation mode between the client and the server may be a C/S mode, the server may communicate with the client by using an RPC (Remote Procedure Call) communication protocol, the RPC Call is a service-oriented package, and the server packages a service in communication by using the RPC, so that the client may obtain details of the service provided by the server by using the RPC Call and transmit data with the server. For example, the server encapsulates the block chain in the form of a service through the RPC, so that the user end can call an interface of the block chain service through the RPC and use the block chain service.
Before the user side interacts with the server, the user side needs to apply for an account of the blockchain service from the server. Specifically, the user side sends a fourth request to the server, and it can be understood that the fourth request is a request for obtaining a public and private key pair, so as to apply for the blockchain account and store the public and private keys of the account through the server. And sending the public and private keys of the account to a user side applying for the blockchain account by the server. It should be noted that the server may provide a CA (Certificate Authority, electronic Certificate) service, and generate a public-private key pair using an ECDSA (Elliptic Curve Digital Signature) Algorithm. When the server receives a request of a user for obtaining a public and private key pair, a block chain account is distributed for the user, the public and private key pair is generated through an ECDSA algorithm and is sent to the user side, so that the user side stores the public and private key pair, the data ID is calculated through the private key, digital signature is carried out, and the public key is used as an identification of the account.
Further, the specific implementation process of step S300 includes:
s302, calculating a universal unique identifier UUID of the original data to obtain a first calculation result, and determining the first calculation result as the original data ID;
further, the public-private key pair comprises a public key and a private key;
s322, calculating the UUID of the universal unique identifier of the original data through the private key to obtain a first calculation result, and determining the first calculation result as the ID of the original data.
In one implementation, the universally unique identifier UUID may be calculated by a private key, and then the UUID and the original data name may be combined to obtain a first calculation result, and the first calculation result may be used as the original data ID. Specifically, the user side encodes the private key into a byte array, calculates the UUID through the byte array, obtains a character string by deleting the connector "-" in the UUID, connects the character string with the original data name to obtain a first calculation result, and finally takes the first calculation result as the original data ID. The original data ID calculated in this way can ensure the uniqueness of the original data ID.
In another implementation, the user side may encode the private key into a byte array and convert the byte array into a first character string, then connect the first character string with the original data name to combine into a second character string, calculate a UUID through the second character string, where a connector "-" exists in the UUID, delete the connector "-" in the UUID to obtain a first calculation result, and finally use the first calculation result as the original data ID. The original data ID calculated in the mode is shorter in length and can also guarantee uniqueness.
It is understood that the standard UUID format is "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxxxxx (8-4-4-4-12, respectively in length)", and therefore a 32-bit string is obtained after the connector is deleted.
S304, calculating the length of the original data to obtain a second calculation result, and determining the second calculation result as the length of the original data;
specifically, the length of the original data may be calculated in units of bytes, a second calculation result is obtained, and the second calculation result is determined as the original data length.
S306, calculating the original data through a Hash function to obtain a third calculation result, and determining the third calculation result as the Hash of the original data;
specifically, the original data may be calculated by a Hash function SHA-256 (Secure Hash Algorithm 256) to obtain a third calculation result, and the third calculation result is determined as the original data Hash.
S308, acquiring the original integrity information based on the original data ID, the original data length and the original data Hash.
And packaging the calculated original data ID, the original data length and the original data Hash to obtain the original integrity information of the original data.
S500, sending the original integrity information to a server so that the server stores the original integrity information in a block chain network;
in this embodiment, the user side sends the original integrity information to the server, so that the server stores the original integrity information in the blockchain network.
It should be appreciated that a blockchain network in the server may be used to store the original integrity information of the original data. The block chain constructs a chain structure with blocks as basic units in time sequence, each block consists of a block head and a block body, wherein the block body stores a Merkle tree (Merck tree) consisting of a large amount of data; the block head mainly stores protocol version, previous block Hash, Merkle root, time stamp, random number and the like. In the block chain, all blocks are connected in series in the form of Hash pointers to form a special linked list. The block chain is based on two data structures of a Merkle tree and a block chain table, so that the uncollapsibility of data is guaranteed. Tampering of all data in the tree can be detected through the Merkle tree, and whether the designated data exist in the block can be judged according to direct branching from the node of the Merkle tree to a Merkle root path; and when the block linked list is acquired from the block chain network, whether each block on the chain is modified or not can be verified based on the block Hash, wherein the block Hash of the previous block is stored in the previous block Hash. The special chain type data structure constructed by the block chain technology has the security characteristics of decentralization, tamper resistance, deletion resistance and the like.
The server uses the alliance chain as an implementation scheme of the block chain technology, and users in the alliance chain can perform operations such as data verification and the like only after authorization. In addition, in order to store the digital asset information of the user for convenient management, the data integrity information belonging to one user can be separately stored in one block, and correspondingly, a message field is added in the block structure body for storing the related information of the user.
In a specific implementation, the message field and the public key acquired by the user side have a corresponding relationship, and after the user side acquires a public-private key pair sent by the server, the user side uses the public key as an account identity and uses the private key to perform digital signature. It can be understood that the server verifies the digital signature of the user end through the public key of the user end, and meanwhile, the corresponding message field in the block chain network can be queried through the public key, so as to obtain the digital asset information of the block where the message field is located.
S700, encoding the original data to obtain an encoding block;
generally, a user side interacts with a cloud storage platform through a network to store original data in the cloud storage platform, and the original data are difficult to retrieve once lost. The user end in the embodiment encodes the original data, and stores the encoded blocks into the cloud storage platform, it can be understood that the encoded blocks obtained by encoding the original data may be multiple, the encoded blocks are stored in the cloud storage platform in a scattered manner, and when the encoded blocks are lost, the data can be recovered through the remaining encoded blocks.
The method includes the steps that a user side can encode original data by adopting an erasure code algorithm, the number of data blocks is preset according to the erasure code algorithm, the number of redundant blocks is generated through calculation, the user side encodes the original data to generate a coding block, further, the coding block is stored in a cloud storage platform, and then the coding block is obtained through the cloud storage platform.
In this embodiment, cauchy RS (Reed-Solomon) encoding can be selected as an erasure code technical scheme, and encoding and decoding are performed on data of a user by using an encoding and decoding function implemented in a JErasure library as a calling method, and the JErasure library provides a general RS encoding mode and is a class library of erasure codes based on C language. In the Cauchy RS code, a Cauchy matrix is used to replace a Van der Monte determinant in Van der Monte RS code, so that the matrix can be generated more simply, and the calculation efficiency is improved.
It should be understood that the coding block includes a data block and a redundant block, and in the cauchy RS coding scheme, the number of parts of the original data divided into the data block and the number of parts of the redundant block can be calculated. Through Cauchy RS coding, cloud storage data can be generated by decoding only the coding blocks with the data block number of copies, and errors of the coding blocks with the data block number of copies not exceeding the redundant block number of copies can be tolerated.
Further, the specific implementation process of step S700 includes:
s702, judging whether the original data can be divided averagely or not;
further, after step S702, the method further includes:
and S703, if the original data cannot be divided evenly, filling data at the end of the original data so as to enable the original data to be divided evenly.
In the specific implementation, the user side calculates whether the length of the original data can be divided evenly according to the number of the data blocks according to the preset number of the data blocks, so as to judge whether the original data can be divided evenly, and if the original data cannot be divided evenly, data is filled at the tail of the original data, so that the original data can be divided evenly. Wherein the padding data may be a digital 0.
S704, if the original data can be divided evenly, dividing the original data evenly into data blocks;
s706, encode the data block to obtain a data block and a redundant block.
It is understood that if the original data can be divided evenly, the original data is divided evenly, and the data block obtained by dividing evenly is represented as a column vector, and a cauchy matrix is constructed and multiplied with the column vector to generate a new column vector, which is embodied in the form of data, namely a data block and a redundant block.
In this embodiment, the preset number of data blocks and the number of redundant blocks may be (5, 2), that is, the user end may select to use RS (5, 2) erasure coding, through which the original data may be averagely divided into 5 data blocks, and 2 data redundant blocks are calculated and generated. Theoretically, through the operation of the encoding, the generated encoded block needs 140% of the space overhead of the original data, and any damage of no more than 2 encoded blocks will not make the original data completely lose usability. Compared with the common multi-copy backup mode in the prior art, the erasure coding backup mode has smaller space overhead and higher fault-tolerant capability.
S900, sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block.
In this embodiment, the client sends the coding block to the cloud storage platform, so that the cloud storage platform stores the coding block.
It should be noted that, in the cluster of the cloud storage platform, the user side may be a device outside the cluster, or may be one storage node constituting the cluster. When the user side is an external device of the cluster, referring to fig. 4, the server operates outside the cloud storage platform, the user of the user side is an ordinary user outside the cluster, the user uses a cloud storage space provided by the cloud storage platform to store a coding block of data, and simultaneously uses a block chain network in the server to store original integrity information of the data, and obtains original data length and verifies data integrity from the block chain network before using the data; when the user side is a storage node forming a cluster, referring to fig. 5, the server operates in the cloud storage cluster, and in order to ensure necessary computing power, the server may be deployed at a control node with stronger computing power, and at this time, the storage node in the cluster stores original integrity information of data in a blockchain network in the server, so that the integrity information of the data is not tampered and deleted.
Further, when the user side uses the original data again, the user side needs to interact with the cloud storage platform and the server through the network, and it can be understood that the user side acquires the coding blocks of the original data from the cloud storage platform, decodes the coding blocks to acquire cloud storage data, calculates real-time integrity information of the cloud storage data and sends the information to the server to be compared with the original integrity information of the original data, if the real-time integrity information is consistent with the original integrity information, the cloud storage data is consistent with the original data, and the user can directly use the cloud storage data. The real-time integrity information is generated by processing the cloud storage data and can be used for representing the integrity of the cloud storage data.
It should be noted that, when the user acquires the encoded block of the original data from the cloud storage platform, a first request may be sent to the cloud storage platform to acquire the encoded block of the original data. The first request may be a request for obtaining an encoded block of the original data from the cloud storage platform.
In a specific implementation, the first request may include an original data name, that is, the user side uses the original data name as an interactive credential of data, so as to obtain the encoding block corresponding to the original data name from the cloud storage platform, and the encoding block corresponding to the original data name may obtain the cloud storage data after being decoded, that is, the encoding block and the cloud storage data have a corresponding relationship. Of course, other data attributes may also be used as the data interaction credential, which is not limited herein.
It should be noted that the last block of the encoding block generated by encoding the original data may be filled with unrelated data, so that the user terminal needs to acquire the original length information of the original data to decode the encoding block, so as to specify the data length to decode, thereby acquiring correct cloud storage data.
In this embodiment, a second request may be sent to the server to obtain the raw data length of the raw data. The second request may be a request for the user to obtain the original data length of the original data, where the original data length of the original data is stored in the blockchain network of the server.
In a specific implementation, the second request may include an original data ID, that is, the user side uses the original data ID as an interaction credential of data, so as to obtain an original data length corresponding to the original data ID from the server, and of course, other data attributes may also be used as the data interaction credential, which is not limited herein.
It is understood that the server may include a blockchain network for storing original integrity information of the original data, the original integrity information including an original data length of the original data and an original data ID, and the original data ID and the original data length have a corresponding relationship.
After receiving the second request, the server may directly obtain the original data length from the blockchain network. Specifically, the server may provide an interface for directly obtaining the length of the original data, and the interface may return the corresponding length of the original data according to the ID of the original data in the second request.
After the user side acquires the coding blocks from the cloud storage platform and the original data length from the server, the coding blocks are decoded by an erasure code technology, and it should be understood that the coding blocks acquired by the user side are all data blocks. In this embodiment, the user side decodes all data blocks based on the original data length to obtain cloud storage data.
Further, the user side calculates real-time integrity information of cloud storage data, and sends the calculated real-time integrity information to the server, so that the server searches whether original integrity information consistent with the real-time integrity information exists in the block chain network or not, and a search result is obtained.
Because the coding block has the risk of being tampered in the cloud storage platform, whether the coding block of the original data is tampered can be verified by verifying whether the real-time integrity information is consistent with the original integrity information. In this embodiment, the server stores the original integrity information of the original data in the blockchain network, when the user uses the data integrity verification service of the server, the user needs to perform digital signature on the real-time integrity information through a private key, and the user sends the real-time integrity information and the digital signature to the server, so that the server verifies the digital signature of the user through a public key of the user, and if the verification fails, error information is returned to the user; and if the verification is passed, searching whether the original integrity information consistent with the real-time integrity information exists in the block chain network, thereby carrying out data integrity verification.
In a specific implementation, the server traverses the entire block chain network to find whether the original integrity information consistent with the real-time integrity information exists in the block of each block, and further traverses the Merkle tree in the block to find whether the original integrity information consistent with the real-time integrity information exists in the tree.
Because the integrity information comprises the data ID, the data length and the data Hash, it can be understood that when the real-time data ID, the real-time data length and the real-time data Hash in the real-time integrity information correspond to the original data ID, the original data length and the original data Hash in the original integrity information, a result that the real-time integrity information is consistent with the original integrity information can be obtained, namely the integrity of the cloud storage data is correct, and the data content is not tampered; if at least one of the three data attributes of the data ID, the data length and the data Hash is inconsistent in the verification of the real-time integrity information and the original integrity information, it indicates that the real-time integrity information is inconsistent with the original integrity information, that is, the integrity of the cloud storage data is incorrect, the data content of the cloud storage data is tampered, and at this time, the cloud storage data is not usable, and data recovery needs to be performed at the user side.
It should be noted that the user side receives the verification result returned by the server, and if the result indicates that the integrity of the cloud storage data is correct, the user side can directly use the cloud storage data; and if the result shows that the integrity of the cloud storage data is incorrect, the user side needs to recover the data. Because the cloud storage data is obtained by decoding the coding blocks, when data recovery is performed, the coding blocks corresponding to the cloud storage data need to be obtained again.
It should be understood that, before data integrity verification, the coding blocks acquired by the user side from the cloud storage platform are all data blocks, and when data recovery is performed, all redundant blocks need to be acquired from the cloud storage platform.
In a specific implementation of data recovery, the user side sends a third request to the cloud storage platform to obtain all redundant blocks corresponding to the original data, and sends a second request to the server to obtain the original data length of the original data. And decoding all the redundant blocks and the data blocks by using an erasure code technology based on the original data length to acquire new cloud storage data. After new cloud storage data are obtained, the integrity of the data is verified again according to the method in the previous step, and if the verification result shows that the integrity of the new cloud storage data is correct, the data are successfully recovered; and if the verification result shows that the integrity of the new cloud storage data is still incorrect, the data cannot be recovered. It can be understood that when the data cannot be recovered, the user end outputs an error message to the user so that the user knows that the data is damaged.
In this embodiment, the third request may be a request for obtaining a redundant block corresponding to the original data from the cloud storage platform. In a specific implementation, the third request may include an original data name, that is, the user side uses the original data name as an interaction credential of the data, so as to obtain the redundant block corresponding to the original data name from the cloud storage platform, and of course, other data attributes may also be used as the data interaction credential, which is not limited herein.
Furthermore, for cloud storage platforms of different storage types: the method of the embodiment can be integrated into file-level cloud storage, object-level cloud storage and block-level cloud storage. In the process of integrating the method of the embodiment, the cloud storage platform does not need any additional setting, and only the user side code of the method of the embodiment needs to be integrated at the cloud storage client. It should be understood that, when the user side performs encoding or decoding, the erasure code algorithm adopted is different for data objects processed by cloud storage platforms of different storage types: for file-level cloud storage, the processed data object is a file in a file system; for object level cloud storage, the processed data objects are objects in an object storage system.
For cloud storage platforms with different service ranges: public cloud, private cloud, hybrid cloud, the method of this embodiment can operate independently. In a public cloud, the server of the implementation method is operated in an independent cloud server, and a user side adopts an independent network to respectively communicate and interact with the cloud storage platform and the server; in the private cloud, the server of the method can run in a highly available server in the local private cloud, the deployment mode is similar to that of the public cloud, and only the network connection is changed from the internet into a local area network with better quality; the hybrid cloud is provided with a public cloud center and a private cloud center, in order to protect the privacy of user data, the server can be operated in the local private cloud center, and the deployment mode is similar to that of the private cloud.
Through the above embodiment, the original data is acquired; processing the original data to acquire original integrity information; sending the original integrity information to a server so that the server stores the original integrity information in a blockchain network; encoding the original data to obtain an encoded block; and sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block. The method has the advantages that the coding blocks obtained by coding the original data are stored in the cloud storage platform, and the original integrity information of the original data is stored in the block chain network of the server, so that the storage overhead generated by cloud storage data backup is effectively reduced.
Referring to fig. 3, fig. 3 is a flowchart illustrating a block chain-based data backup apparatus according to a first embodiment of the present invention.
The device comprises:
a first obtaining module 100, configured to obtain original data;
a second obtaining module 300, configured to process the original data to obtain original integrity information;
a first sending module 500, configured to send the original integrity information to a server, so that the server stores the original integrity information in a blockchain network;
a third obtaining module 700, configured to encode the original data to obtain an encoded block;
a second sending module 900, configured to send the coding block to a cloud storage platform, so that the cloud storage platform stores the coding block.
Further, the server stores a public and private key pair;
the device further comprises:
and a third sending module 200, configured to send a fourth request for obtaining a public-private key pair to the server.
The specific steps performed by the block chain-based data backup apparatus refer to the above description, and are not described herein again.
Furthermore, an embodiment of the present invention further provides a storage medium, where a data backup program based on a blockchain is stored on the storage medium, and when executed by a processor, the data backup program based on the blockchain implements the steps of the data backup method based on the blockchain according to the above method embodiment. Therefore, a detailed description thereof will be omitted. In addition, the beneficial effects of the same method are not described in detail. For technical details not disclosed in the embodiments of the storage medium referred to in the present application, reference is made to the description of the embodiments of the method of the present application. Determining by way of example, the program instructions may be deployed to be executed on one blockchain-based data backup appliance, or on multiple blockchain-based data backup appliances located at one site, or on multiple blockchain-based data backup appliances distributed across multiple sites and interconnected by a communication network.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a storage medium and can include the processes of the embodiments of the methods described above when executed. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. A data backup method based on a block chain is characterized by comprising the following steps:
acquiring original data;
processing the original data to acquire original integrity information;
sending the original integrity information to a server so that the server stores the original integrity information in a blockchain network;
encoding the original data to obtain an encoded block;
and sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block.
2. The method of claim 1, wherein the step of processing the raw data to obtain raw integrity information comprises:
calculating a universal unique identifier UUID of the original data to obtain a first calculation result, and determining the first calculation result as an original data ID;
calculating the length of the original data to obtain a second calculation result, and determining the second calculation result as the length of the original data;
calculating the original data through a Hash function to obtain a third calculation result, and determining the third calculation result as the Hash of the original data;
and acquiring the original integrity information based on the original data ID, the original data length and the original data Hash.
3. The method of claim 2, wherein prior to the step of processing the raw data to obtain raw integrity information, the method further comprises:
and sending a fourth request for acquiring a public and private key pair to the server.
4. The method of claim 3, wherein the public-private key pair comprises a public key and a private key;
the step of calculating the UUID of the universally unique identifier of the original data to obtain a first calculation result, and determining the first calculation result as the ID of the original data comprises the following steps:
and calculating the universal unique identifier UUID of the original data through the private key to obtain a first calculation result, and determining the first calculation result as the original data ID.
5. The method of claim 1, wherein the encoded blocks comprise data blocks and redundant blocks;
the step of encoding the original data to obtain an encoded block includes:
judging whether the original data can be divided evenly;
if the original data can be divided evenly, dividing the original data evenly into data blocks;
and encoding the data block to obtain a data block and a redundant block.
6. The method of claim 5, wherein after the step of determining whether the raw data is evenly divisible, the method further comprises:
and if the original data cannot be divided evenly, filling data at the tail end of the original data so as to enable the original data to be divided evenly.
7. An apparatus for block chain based data backup, the apparatus comprising:
the first acquisition module is used for acquiring original data;
the second acquisition module is used for processing the original data to acquire original integrity information;
the first sending module is used for sending the original integrity information to a server so that the server stores the original integrity information in a block chain network;
a third obtaining module, configured to code the original data to obtain a coding block;
and the second sending module is used for sending the coding block to a cloud storage platform so that the cloud storage platform stores the coding block.
8. The apparatus of claim 7, wherein the apparatus further comprises:
and the third sending module is used for sending a fourth request for obtaining the public and private key pair to the server.
9. A blockchain based data backup device, the device comprising a memory, a processor and a blockchain based data backup program stored in the memory and executable on the processor, the blockchain based data backup program implementing the steps of the method according to any one of claims 1 to 6 when executed by the processor.
10. A computer storage medium, characterized in that the computer storage medium stores a blockchain-based data backup program, which when executed by a processor implements the steps of the method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111110619.4A CN113568785B (en) | 2021-09-23 | 2021-09-23 | Block chain-based data backup method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111110619.4A CN113568785B (en) | 2021-09-23 | 2021-09-23 | Block chain-based data backup method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113568785A true CN113568785A (en) | 2021-10-29 |
| CN113568785B CN113568785B (en) | 2021-12-31 |
Family
ID=78173987
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111110619.4A Active CN113568785B (en) | 2021-09-23 | 2021-09-23 | Block chain-based data backup method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113568785B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115002141A (en) * | 2022-06-06 | 2022-09-02 | 上海加密原生科技有限公司 | File storage method and device based on block chain |
| CN115437852A (en) * | 2022-11-07 | 2022-12-06 | 四川大学 | Rapid block chain system and method based on disaster recovery and file partition table |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109271283A (en) * | 2018-09-06 | 2019-01-25 | 北京云测信息技术有限公司 | A kind of data back up method based on block chain |
| CN110149198A (en) * | 2019-04-29 | 2019-08-20 | 成都信息工程大学 | A kind of autonomous system and method that safeguard protection and storage controllably are carried out to data |
| US10628268B1 (en) * | 2016-12-15 | 2020-04-21 | EMC IP Holding Company LLC | Proof of data replication consistency using blockchain |
| CN111082941A (en) * | 2019-11-22 | 2020-04-28 | 天翼物联科技有限公司 | Internet of things data sharing method and system based on block chain technology |
| CN111414431A (en) * | 2020-04-28 | 2020-07-14 | 武汉烽火技术服务有限公司 | Network operation and maintenance data disaster recovery backup management method and system based on block chain technology |
| US20200228323A1 (en) * | 2019-01-16 | 2020-07-16 | EMC IP Holding Company LLC | Blockchain technology for data integrity regulation and proof of existence in data protection systems |
| CN111428271A (en) * | 2020-04-17 | 2020-07-17 | 上海坤仪金科信息技术有限公司 | Block chain cloud storage user data security solution method |
| CN111708657A (en) * | 2020-06-04 | 2020-09-25 | 江苏荣泽信息科技股份有限公司 | System backup and verification method based on block chain query |
| CN111953699A (en) * | 2020-08-17 | 2020-11-17 | 汪金玲 | Data encryption method and system based on block chain |
| CN112054897A (en) * | 2020-08-13 | 2020-12-08 | 武汉大学 | Outsourcing Internet of things data for protecting privacy based on block chain and integrity verification method for backup of outsourcing Internet of things data |
-
2021
- 2021-09-23 CN CN202111110619.4A patent/CN113568785B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10628268B1 (en) * | 2016-12-15 | 2020-04-21 | EMC IP Holding Company LLC | Proof of data replication consistency using blockchain |
| CN109271283A (en) * | 2018-09-06 | 2019-01-25 | 北京云测信息技术有限公司 | A kind of data back up method based on block chain |
| US20200228323A1 (en) * | 2019-01-16 | 2020-07-16 | EMC IP Holding Company LLC | Blockchain technology for data integrity regulation and proof of existence in data protection systems |
| CN110149198A (en) * | 2019-04-29 | 2019-08-20 | 成都信息工程大学 | A kind of autonomous system and method that safeguard protection and storage controllably are carried out to data |
| CN111082941A (en) * | 2019-11-22 | 2020-04-28 | 天翼物联科技有限公司 | Internet of things data sharing method and system based on block chain technology |
| CN111428271A (en) * | 2020-04-17 | 2020-07-17 | 上海坤仪金科信息技术有限公司 | Block chain cloud storage user data security solution method |
| CN111414431A (en) * | 2020-04-28 | 2020-07-14 | 武汉烽火技术服务有限公司 | Network operation and maintenance data disaster recovery backup management method and system based on block chain technology |
| CN111708657A (en) * | 2020-06-04 | 2020-09-25 | 江苏荣泽信息科技股份有限公司 | System backup and verification method based on block chain query |
| CN112054897A (en) * | 2020-08-13 | 2020-12-08 | 武汉大学 | Outsourcing Internet of things data for protecting privacy based on block chain and integrity verification method for backup of outsourcing Internet of things data |
| CN111953699A (en) * | 2020-08-17 | 2020-11-17 | 汪金玲 | Data encryption method and system based on block chain |
Non-Patent Citations (2)
| Title |
|---|
| PENGCHENG WEI: ""Blockchain data-based cloud data integrity protection mechanism"", 《FUTURE GENERATION COMPUTER SYSTEMS》 * |
| 江云超: ""区块链节点存储优化方案研究"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115002141A (en) * | 2022-06-06 | 2022-09-02 | 上海加密原生科技有限公司 | File storage method and device based on block chain |
| CN115002141B (en) * | 2022-06-06 | 2024-04-12 | 上海加密原生科技有限公司 | File storage method and device based on block chain |
| CN115437852A (en) * | 2022-11-07 | 2022-12-06 | 四川大学 | Rapid block chain system and method based on disaster recovery and file partition table |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113568785B (en) | 2021-12-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109491968B (en) | File processing method, device, equipment and computer readable storage medium | |
| CN113568785B (en) | Block chain-based data backup method, device, equipment and storage medium | |
| CN108647230B (en) | Distributed storage method, electronic device, and storage medium | |
| CN110119643A (en) | Two-dimensional code generation method and device, two-dimensional code identification method and device | |
| CN113553627B (en) | Block chain-based data integrity verification method, system, device and medium | |
| US10992481B2 (en) | Two-dimensional code generation method, apparatus, data processing method, apparatus, and server | |
| WO2019222934A1 (en) | File processing method, apparatus and system | |
| CN101964789B (en) | Method and system for safely accessing protected resources | |
| CN111478751B (en) | Data breakpoint continuous transmission method and device and terminal equipment | |
| CN111639080A (en) | Data processing method and device, node equipment and storage medium | |
| CN115269038A (en) | Data processing method for stateless computing, program product and electronic device | |
| CN108632020A (en) | Data transmission method for uplink, method of reseptance and device | |
| CN111427860B (en) | Distributed storage system and data processing method thereof | |
| CN113568786B (en) | Data recovery method, device, equipment and storage medium | |
| CN112463067A (en) | Data protection method and equipment in NVMe-oF scene | |
| CN111400771A (en) | Target partition checking method and device, storage medium and computer equipment | |
| CN113051622B (en) | Index construction method, device, equipment and storage medium | |
| CN109407974B (en) | Electronic device, picture deleting method based on mixed binary code and storage medium | |
| KR102375144B1 (en) | Device, method, system and computer readable storage medium for managing private key using blockchain | |
| CN105809051A (en) | Encryption card based enterprise key distribution method and encryption card based tax declaring method | |
| CN111818526B (en) | Data synchronization method and device | |
| KR101758727B1 (en) | Method for transmitting hidden information using message composed of string digital code | |
| CN111343150B (en) | Transaction data transmission method and system based on block chain and related components | |
| CN110585727B (en) | Resource acquisition method and device | |
| CN111949738A (en) | Block chain-based data storage deduplication method, terminal device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |